21 matches found
CVE-2014-4851
Open redirect vulnerability in msg.php in FoeCMS allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the r parameter...
EUVD-2014-4768
Malware in sbrugna...
EUVD-2014-4770
Malware in sbrugna...
EUVD-2014-4769
Malware in sbrugna...
CVE-2014-4850
SQL injection vulnerability in index.php in FoeCMS allows remote attackers to execute arbitrary SQL commands via the i parameter...
CVE-2014-4849
Multiple cross-site scripting XSS vulnerabilities in msg.php in FoeCMS allow remote attackers to inject arbitrary web script or HTML via the 1 e or 2 r parameter...
FoeCMS 1.6.6 SQL Injection
Exploit Title : FoeCMS SQL inection vulnerability in search page Author : Jagriti Sahu Vendor : http://foecms.com/ Download Link : https://github.com/themarioga/FoeCMS/archive/master.zip Date : 11/07/2014 Discovered at : IndiShell Lab Love to : Surbhi, Mradula and Harry Greez to : ALL Indian...
CVE-2014-4850
SQL injection vulnerability in index.php in FoeCMS allows remote attackers to execute arbitrary SQL commands via the i parameter...
CVE-2014-4849
Multiple cross-site scripting XSS vulnerabilities in msg.php in FoeCMS allow remote attackers to inject arbitrary web script or HTML via the 1 e or 2 r parameter...
CVE-2014-4851
Open redirect vulnerability in msg.php in FoeCMS allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the r parameter...
Open redirect
Open redirect vulnerability in msg.php in FoeCMS allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the r parameter...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in msg.php in FoeCMS allow remote attackers to inject arbitrary web script or HTML via the 1 e or 2 r parameter...
Sql injection
SQL injection vulnerability in index.php in FoeCMS allows remote attackers to execute arbitrary SQL commands via the i parameter...
CVE-2014-4850
SQL injection vulnerability in index.php in FoeCMS allows remote attackers to execute arbitrary SQL commands via the i parameter...
CVE-2014-4849
CVE-2014-4849 describes multiple cross-site scripting (XSS) weaknesses in the FoeCMS component, specifically in the file/msg handler msg.php , exploitable via the input parameters (1) e and (2) r. The issue allows remote attackers to inject arbitrary web script or HTML. The NVD metrics list a bas...
CVE-2014-4850
CVE-2014-4850 is a SQL injection vulnerability in the FoeCMS file index.php, exploitable via the i parameter to execute arbitrary SQL commands. Multiple connected sources (NVD, Red Hat advisory, CVE lists) confirm the affected component as FoeCMS and the root cause as unsafely interpolated SQL, e...
CVE-2014-4851
Open redirect vulnerability in msg.php in FoeCMS allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the r parameter...
CVE-2014-4849
Multiple cross-site scripting XSS vulnerabilities in msg.php in FoeCMS allow remote attackers to inject arbitrary web script or HTML via the 1 e or 2 r parameter...
CVE-2014-4851
CVE-2014-4851 describes an open redirect in the FoeCMS component msg.php, where an attacker can use the r parameter to redirect victims to arbitrary sites, enabling phishing-like scenarios. The description and related records consistently refer to this vulnerability as an open redirect in FoeCMS ...
FoeCMS Multiple Vulnerabilities
FoeCMS suffers from cross site scripting, open redirect, and remote SQL injection vulnerabilities. Exploit Title : FoeCMS multiple vulnerability Author : Govind Singh aka NullPort Vendor : http://foecms.com/ Download Link : https://github.com/themarioga/FoeCMS/archive/master.zip Date : 05/07/2014...